package com.gxuwz.medical.web.filter;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class PermissionInterceptor {
	// 在执行handler之前执行的
	// 用于用户认证校验、用户权限校验

	public boolean urlHandle(HttpServletRequest request, HttpServletResponse response, String goURL) throws Exception {
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse res = (HttpServletResponse) response;
		HttpSession session = req.getSession();

		// 从Session中取出权限范围的URL
		List<String> urlDataLists = (List<String>) session.getAttribute("urlDataList");
		// System.out.println("urlDataList==" + urlDataLists);
		for (String urlDataList : urlDataLists) {
			String url = urlDataList;
			// System.out.println("goURL==" + goURL);
			// System.out.println("url==" + url);
			// System.out.println("值为==" + url.indexOf(goURL));

			if (url.indexOf(goURL) >= 0) {
				System.out.println("成功goURL==" + goURL);
				System.out.println("成功url==" + url);
				return true;
			}
		}
		// 如果返回false表示拦截器不继续执行handler，如果返回true表示放行
		return false;
	}

	/**
	 * 
	 * @Title: loginHandle @Description: 判断用户是否登录 @author 陈震洺 @param request @param
	 *         response @return @throws Exception @throws
	 */
	public boolean loginHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse res = (HttpServletResponse) response;
		HttpSession session = req.getSession();
		if (session.getAttribute("userid") != null) {
			return true;
		}

		return false;
	}
}
